Wireless Technologies
Networking for Home and Small Businesses – Chapter 7
ITE PC v4.0
Chapter 1
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
1
Objectives
• Describe wireless technologies.
• Describe the various components and structure of a WLAN.
• Describe wireless LAN security issues and mitigation strategies.
• Configure an integrated wireless access point and a wireless client.
Wireless Technologies
• Use electromagnetic waves to carry information between devices
• Use the same medium that carries radio signals through the air
• Most common wavelengths used for public wireless communications include the Infrared and part of the Radio Frequency (RF) band.
• Parts of the spectrum are regulated by governments and licensed to various organizations for specific applications
www.kiwi.org
• GREAT DISCUSSIONS
Wireless Technologies
• Certain areas of the RF bands have been set aside for use by unlicensed devices such as wireless LANs, cordless phones and computer peripherals.
Wireless Technologies
• Infrared
  – Long wavelength, short range, line of sight
  – Does not penetrate walls
  – Infrared Direct Access (IrDA) is used in PDAs, printers, and wireless mice and keyboards
• Radio Frequency (RF)
  – Much greater range than IR, penetrates walls
  – Includes Industrial Scientific and Medical Bands (ISM)
  – Bands include 900 MHz, 2.4 GHz, and 5.8 GHz
  – These bands can be used with few restrictions, unlike officially licensed FCC bands
Wireless Technologies
• Define wireless networks and their boundaries
Wireless Technologies
• WLANs use radio frequencies (RF) instead of cables at the Physical layer and the MAC sub-layer of the Data Link layer.
• RF does not have boundaries: data frames traveling over the RF medium are available to anyone who can receive the RF signal.
• RF is unprotected from outside signals, and signals can interfere with each other.
• RF transmission is subject to the same challenges inherent in any wave-based technology, such as consumer radio.
• RF bands are regulated differently in various countries.
Components and Structure of a WLAN
• Standards are developed to ensure that wireless devices can communicate; they specify the RF spectrum used, data rates, and how the information is transmitted
• The IEEE 802.11 standard governs the WLAN environment; its amendments are 802.11a, 802.11b, 802.11g and 802.11n
• The Wi-Fi Alliance is responsible for testing wireless LAN devices from different manufacturers; the Wi-Fi logo means a device should interoperate with other devices of the same standard
Components and Structure of a WLAN
• Identify and describe wireless LAN standards
Explain the Components and Operations of Basic Wireless LAN Topologies
Wireless network mode: 802.11a, b, g, or n
• 802.11g is backward compatible with 802.11b
• If all the clients connect to an access point with 802.11g, they all enjoy the better data rates provided
• When 802.11b clients associate with the access point, all the faster clients contending for the channel have to wait on 802.11b clients to clear the channel before transmitting
• When a Linksys access point is configured to allow both 802.11b and 802.11g clients, it is operating in mixed mode
• For an access point to support 802.11a as well as 802.11b and g, it must have a second radio to operate in the different RF band
Components and Structure of a WLAN
• Identify and describe various wireless LAN components.
Components and Structure of a WLAN
Device | Description
Wireless Client (STA) | Any wireless host device
Access Point (AP) | Controls access between wired and wireless network; media converter (wired to/from wireless); wireless connections are supported in a cell or Basic Service Set (BSS)
Wireless Bridge | Allows point-to-point wireless connections of up to 40 km
Antenna | Antennas receive and send signals and provide increased signal strength, known as gain
Components and Structure of a WLAN
• Identify and describe various wireless modes and the importance of the SSID
  – IBSS: ad hoc
  – BSS: infrastructure
Components and Structure of a WLAN
• BSSs must overlap by approximately 10%, which allows the client to connect to the second AP before disconnecting from the first AP
• It is possible for the frequencies used by some channels to overlap with those used by others
• Different conversations must be carried on non-overlapping channels.
IEEE 802.11 establishes the channelization scheme
• The 2.4 GHz band is broken down into 11 channels for North America, with a center frequency separation of only 5 MHz and an overall channel bandwidth of 22 MHz
• Successive channels overlap
• Best practice is to use non-overlapping channels
  – For three adjacent access points, use channels 1, 6, and 11
  – For two, select any two channels that are five channels apart, such as channels 5 and 10
• Many access points automatically select a channel
• Some products continuously monitor the radio space to adjust the channel settings dynamically in response to changes
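The channel figures above can be checked directly. The following is an added example, not part of the original slides: it derives which channels overlap from the 5 MHz spacing and 22 MHz width and flags neighbouring access points whose channels collide. The 2412 MHz centre frequency for channel 1 comes from the 802.11 channel plan; the AP names and site layout are constructed.

```python
# Added example: figures from the slide (11 channels, 5 MHz spacing, 22 MHz width).
CHANNEL_WIDTH_MHZ = 22
SPACING_MHZ = 5
CH1_CENTER_MHZ = 2412          # centre of channel 1 in the 2.4 GHz band
CHANNELS = range(1, 12)        # North America: channels 1-11


def center_mhz(ch):
    """Centre frequency of a 2.4 GHz channel number."""
    if ch not in CHANNELS:
        raise ValueError(f"channel {ch} is outside 1-11")
    return CH1_CENTER_MHZ + SPACING_MHZ * (ch - 1)


def overlaps(a, b):
    """True when the two 22 MHz-wide channels share spectrum."""
    return abs(center_mhz(a) - center_mhz(b)) < CHANNEL_WIDTH_MHZ


def max_clean_set():
    """Largest set of mutually non-overlapping channels (greedy from channel 1)."""
    chosen = []
    for ch in CHANNELS:
        if not any(overlaps(ch, c) for c in chosen):
            chosen.append(ch)
    return chosen


def audit_plan(ap_channels, neighbours):
    """Return (ap_a, ap_b, ch_a, ch_b) for neighbouring APs on overlapping channels."""
    return [(a, b, ap_channels[a], ap_channels[b])
            for a, b in neighbours
            if overlaps(ap_channels[a], ap_channels[b])]


# Constructed site plan: AP names, channels and adjacency are hypothetical.
SITE = {"lobby": 1, "office": 6, "warehouse": 9, "cafe": 11}
ADJACENT = [("lobby", "office"), ("office", "warehouse"), ("warehouse", "cafe")]

if __name__ == "__main__":
    print("clean set:", max_clean_set())
    for a, b, ca, cb in audit_plan(SITE, ADJACENT):
        print(f"{a} (ch {ca}) overlaps {b} (ch {cb})")
```

Channels five apart sit 25 MHz apart, which clears the 22 MHz width by 3 MHz; four apart (20 MHz) does not.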
Components and Structure of a WLAN
• Uses an access method called Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA), which creates a reservation on the channel for use by a specific conversation
  – If a device requires use of a specific communication channel in a BSS, it must ask permission from the AP; this is known as a Request to Send (RTS)
  – The AP will respond to the device with a Clear to Send (CTS) message
• The device that requested the channel sends another message to the AP, known as an Acknowledgement (ACK)
  – Indicates to the AP that the channel can be released; broadcast to all devices
Components and Structure of a WLAN
• Configure an integrated wireless access point
Explain the Components and Operations of Basic Wireless LAN Topologies
• A shared service set identifier (SSID) is a unique identifier that client devices use to distinguish between multiple wireless networks in the same vicinity.
• Several access points on a network can share an SSID.
Components and Structure of a WLAN
• Configure a wireless client
Wireless LAN Security Issues and Mitigation Strategies
• Wireless networks are attacked because they are there
• War Driving: driving around with a wireless laptop performing site surveys to identify wireless networks to attack
• War Chalking: hackers use sidewalk chalk or spray paint to identify a location as a target for Wi-Fi attacks
• Attackers need not be visible, just in physical proximity, e.g. in a car or another building
• Attackers may desire to compromise your data, but probably just want free Internet access or the challenge of attacking a network without getting caught
Wireless LAN Security Issues and Mitigation Strategies
• Describe authentication and its purpose
• Three types of wireless authentication methods:
  – Open authentication: no authentication needed
  – PSK (pre-shared key): the host authenticates to the AP and needs to know the secret key
  – EAP (Extensible Authentication Protocol): two-way authentication; authentication software is installed on the client, and the client communicates with a backend authentication server such as Remote Authentication Dial-in User Service (RADIUS), which maintains a database of valid users that can access the network. The user must provide a username and password, which is checked against the RADIUS database for validity
• Why is encryption needed?
  – It is easy for an attacker to intercept, or sniff, the wireless frames.
  – Encryption is the process of transforming data so that even if it is intercepted it is unusable.
• Wired Equivalency Protocol (WEP): uses pre-configured keys, each a string of numbers and letters, to encrypt and decrypt data
  – There are applications available to attackers that can be used to discover the WEP key. These applications are readily available on the Internet.
• Wi-Fi Protected Access (WPA): a secure form of encryption
  – WPA also uses encryption; it generates new, dynamic keys each time a client establishes a connection with the AP
  – More difficult to crack
Wireless LAN Security Issues and Mitigation Strategies
• Describe traffic filtering and its purpose
Wireless LAN Security Issues and Mitigation Strategies
• Limiting access to a WLAN
  – MAC address filtering
Planning the WLAN
• Plan for a wireless LAN implementation
Configure and Verify Basic Wireless LAN Access
• Configure a wireless access point
Configure an Integrated Wireless Access Point and Wireless Client
• Installing and securing the AP
Configure an Integrated Wireless Access Point and Wireless Client
• Security measures include:
  – Change default values for the SSID, usernames and passwords
  – Disable broadcast SSID
  – Configure MAC Address Filtering
  – Configure encryption using WEP or WPA
  – Configure authentication
  – Configure traffic filtering
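The security measures listed for the integrated access point can be turned into a repeatable check. The following is an added example, not part of the original slides: it audits one AP configuration against that list and ranks the findings. The configuration field names, the sample values and the default-SSID list are constructed for illustration, and the severity ranking is this example's own.

```python
# Added example: field names and sample configurations are hypothetical.
SEVERITY = {"high": 0, "medium": 1, "low": 2}
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default"}  # illustrative, not exhaustive


def audit_ap(cfg):
    """Return (severity, finding) tuples for one AP config, most severe first."""
    findings = []
    enc = cfg.get("encryption", "none").upper()
    if enc == "NONE":
        findings.append(("high", "no encryption: frames are readable by anyone in range"))
    elif enc == "WEP":
        findings.append(("high", "WEP: pre-configured key can be discovered with available tools"))
    elif enc == "WPA":
        findings.append(("medium", "WPA: move to WPA2 where clients support it"))
    elif enc != "WPA2":
        findings.append(("medium", f"unrecognised encryption setting {enc!r}"))
    if cfg.get("authentication", "open").lower() == "open":
        findings.append(("high", "open authentication: any client may associate"))
    if not cfg.get("admin_password_changed", False):
        findings.append(("high", "default administrator username/password still set"))
    if cfg.get("ssid", "").lower() in DEFAULT_SSIDS:
        findings.append(("medium", "default SSID still in use"))
    # SSID hiding and MAC filtering only supplement encryption: SSIDs and MAC
    # addresses travel in unencrypted frame headers, so they are rated low.
    if cfg.get("ssid_broadcast", True):
        findings.append(("low", "SSID broadcast enabled"))
    if not cfg.get("mac_filtering", False):
        findings.append(("low", "MAC address filtering not configured"))
    return sorted(findings, key=lambda f: SEVERITY[f[0]])  # stable sort keeps check order


# Constructed sample configurations.
OUT_OF_BOX = {"ssid": "linksys", "admin_password_changed": False,
              "encryption": "WEP", "authentication": "open",
              "ssid_broadcast": True, "mac_filtering": False}
HARDENED = {"ssid": "branch-7-staff", "admin_password_changed": True,
            "encryption": "WPA2", "authentication": "psk",
            "ssid_broadcast": False, "mac_filtering": True}

if __name__ == "__main__":
    for name, cfg in (("out-of-box", OUT_OF_BOX), ("hardened", HARDENED)):
        print(name)
        for severity, finding in audit_ap(cfg) or [("ok", "no findings")]:
            print(f"  [{severity}] {finding}")
```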
Configure an Integrated Wireless Access Point and Wireless Client
• Describe options for backing up and restoring AP configurations
Configure an Integrated Wireless Access Point and Wireless Client
• Identify current version of firmware and describe how to update firmware
Summary
• Wireless technologies use electromagnetic radiation in the form of radio signals to carry information between devices.
• Ease and convenience of connecting devices wirelessly creates security concerns that need to be addressed.
• Before installing wireless devices, an installation plan should be created which includes strategies for layout and security.
Summary
• Wireless LANs use standards such as
  – IEEE 802.11a
  – IEEE 802.11b
  – IEEE 802.11g
  – IEEE 802.11n
• Basic service set
  – Mobile clients use a single access point for connectivity
• Extended service set
  – Multiple access points that share an SSID
Summary
• WLAN security practices/methods include
  – MAC address filtering
  – Implementing WPA2
• Configuration of wireless NIC and access point
  – Configure both of them the same way
    • SSID
  – Ensure that the latest firmware is installed
• Troubleshooting WLANs includes doing the following:
  – Check channel setting
  – Check for interference